package com.medata.realm;

import com.medata.dataObject.Account;
import com.medata.dataObject.UserRole;
import com.medata.service.impl.AccountServiceImpl;
import com.medata.service.impl.UserRoleServiceImpl;
import com.medata.utils.Md5SaltUtil;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;
import org.springframework.data.redis.core.StringRedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.stereotype.Component;

import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;

/**
 * @author ：zb
 * @date ：Created in 2019/3/22 0022 16:53
 * @description：
 */
@Component
public class AdminRealm extends AuthorizingRealm {
	
    Md5SaltUtil md5SaltUtil=new Md5SaltUtil();

    @Autowired
    @Lazy
    private AccountServiceImpl accountService;
    @Autowired
    private UserRoleServiceImpl userRoleService;
    @Autowired
    private StringRedisTemplate redisTemplate;


    @Override    //验证身份
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
        Account account = accountService.findByUserName(token.getUsername());
        if (account==null){
            throw new UnknownAccountException("用户名错误");
        }
        ValueOperations<String, String> ops = redisTemplate.opsForValue();
        String s = ops.get(token.getUsername());
        if (s!=null){
            if (Integer.valueOf(s)>5){
                throw new AccountException("密码错误5次");
            }
        }
        String password=account.getPassword();
        char[] o = (char[]) token.getCredentials();
        String user_password=String.valueOf(o);
        if (password==null){
            throw new AccountException("用户名不正确");
        }
        //加盐加密
       // String HashUserPassword = md5SaltUtil.getHashNameSalt(user_password, account.getUserName());
        if (!password.equals(user_password)){
            if (s==null){
                ops.set(token.getUsername(),"1",5,TimeUnit.MINUTES);
            }else {
                ops.set(token.getUsername(),String.valueOf(Integer.valueOf(s)+1),5,TimeUnit.MINUTES);
            }
            throw new AccountException("密码不正确");
        }
//        if (password.equals(HashUserPassword)){
//            System.out.println("yes");
//        }
        return new SimpleAuthenticationInfo(token.getPrincipal(),user_password,getName());
    }

    @Override   //验证权限
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
        System.out.println("————权限认证————");
        SimpleAuthorizationInfo info = new SimpleAuthorizationInfo();
        String username = (String) SecurityUtils.getSubject().getPrincipal();
        Account account = accountService.findByUserName(username);
        UserRole userRole = userRoleService.findByRoleId(account.getRoleId());
        String roleName = userRole.getRoleName();

        Set<String> set = new HashSet<>();
      //  set.add(roleName);
        if (roleName.equals("管理员")) {
//            set.add("编目人员");
//            set.add("普通人员");
//            set.add("审核人员");
//            set.add("扫描人员");
//            set.add("质检人员");
            set.add("admin");
        }
        if (roleName.equals("编目人员")){
            set.add("editor");
        }
        info.setRoles(set);
        return info;
    }
}
